When we launched our RapidLEI service in mid-2018, we knew that for a step change in LEI adoption we need solutions that return value, not just regulatory compliance. We’re now seeing that happen with LEIs in wide ranging use cases like site seals and electronic signatures for company reports (we have plenty more signature based LEI solutions just around the corner, stay tuned).
The CA community in particular has reacted well to the LEI opportunity and in recent months we’ve announced a partnership with DigiCert (the world’s largest commercial CA), as well as a number of high profile SSL resellers.
We’ve also seen thoughtful conversations in the CA/B Forum and other financial forums around the value that LEIs can potentially add to digital certificates and those that rely on them. LEI codes represent a pointer to live, up-to-date, publicly verifiable legal entity data. Certificates currently carry hard coded entity reference data, but the embedding of an LEI code instead presents a reference to up-to-date entity data. Embedding LEI codes give application developers the opportunity to render live LEI data to relying parties in innovative, user friendly ways.
Those conversations have now contributed to a draft ISO standard. Specifically, ISO/DIS 17442-2.
ISO, the International Organization for Standardization, was founded with the idea of answering a fundamental question: “what’s the best way of doing this?” The 17442-2 draft details the potential combined benefits of LEIs and digital certificates and proposes a standardized means of embedding the LEI into a certificate. As well as the technical detail, some of which we have previously published on our LEI for Certificate Authorities page, there is a well explained benefit statement highlighting how the combination of LEIs and digital certificates complement each other to provide a standardized digital identity.
You can read the foreword and introduction to ISO/DIS 17442-2 at https://www.iso.org/obp/ui/#iso:std:iso:17442:-2:dis:ed-1:v1:en
One of the key points of the draft is how solutions can use the LEI and digital certificate combination to associate entities with non-repudiated actions. This is a subject we’re passionate about, and with our Right to Represent solution (based on our Customer IDaaS solution and the OAuth protocol) we take this concept a step further down to the individual associated with the legal entity.